This document relates to network based authentication.
GSM cellular telephone systems, for example, use a subscriber identification module (SIM) in a user's mobile phone (MS, Mobile Station) for authentication prior to establishing a telephone call with the MS. In one approach, an HLR (Home Location Register) in conjunction with an AuC (Authentication Center) shares secret authentication data (e.g., a secret key Ki) with the SIM of each user that is registered in the HLR.
The SIM is designed not to disclose the secret authentication data, and the AuC/HLR also protects that data. When authentication for a call is needed, the MSC (Mobile Switching Center) of the network that is handling the MS requests data from the AuC/HLR. This data is commonly referred to as a “triplet,” consisting of RAND, SRES, and Kc. The RAND is a random number which, in combination with the secret authentication data Ki known to the SIM in the MS, can be used to generate SRES (signed response) and Kc (confidentiality key). The MSC passes RAND to the MS, which uses the SIM card's cryptographic processing of RAND to generate SRES and Kc. The MS sends SRES back to the MSC. The MSC compares the value of SRES it received from the AuC/HLR with the value it received from the MS, and if they match, it treats the MS as authenticated. The MSC and MS then communicate securely based on the session key Kc they now know they share. In GSM networks, Kc is sent from the MSC to the Base Transceiver Station so that the over-the-air channel can be encrypted and decrypted.
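The triplet exchange above, written out as an added illustration (not code from the original document or from any GSM implementation). The SIM's cryptographic processing of RAND under Ki is modelled with an HMAC-SHA256 derivation, which is an assumption for illustration only; the subscriber identifier, the 16-byte Ki and RAND sizes, and the `AuC`, `MobileStation` and `msc_authenticate` names are likewise assumed.

```python
import hashlib
import hmac
import secrets

# Stand-in for the SIM's processing of RAND under Ki (assumption: real SIMs
# run operator-specific algorithms; HMAC-SHA256 is used here only so the
# example is self-contained). Returns (SRES, Kc).
def sim_compute(ki, rand):
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    sres = digest[:4]      # 32-bit signed response
    kc = digest[4:12]      # 64-bit confidentiality (session) key
    return sres, kc

class AuC:
    """AuC/HLR: holds each subscriber's Ki and hands out triplets on request."""
    def __init__(self):
        self._ki = {}      # subscriber id -> Ki; Ki never leaves the AuC

    def register(self, subscriber, ki):
        self._ki[subscriber] = ki

    def triplet(self, subscriber):
        rand = secrets.token_bytes(16)        # fresh random challenge
        sres, kc = sim_compute(self._ki[subscriber], rand)
        return rand, sres, kc

class MobileStation:
    """MS with a SIM: the SIM holds Ki and only ever discloses SRES."""
    def __init__(self, subscriber, ki):
        self.subscriber, self._ki = subscriber, ki
        self.kc = None

    def challenge(self, rand):
        sres, self.kc = sim_compute(self._ki, rand)  # Kc stays inside the MS
        return sres

def msc_authenticate(auc, ms):
    """MSC side: fetch triplet, send RAND to the MS, compare SRES values.
    Returns (authenticated, kc); kc is what the MSC would pass to the BTS."""
    rand, expected_sres, kc = auc.triplet(ms.subscriber)
    sres = ms.challenge(rand)                 # only RAND and SRES cross the air
    if not hmac.compare_digest(sres, expected_sres):
        return False, None
    return True, kc

def demo():
    """Constructed run: a SIM holding the registered Ki passes, one with a
    different Ki fails and yields no session key."""
    auc = AuC()
    ki = secrets.token_bytes(16)
    auc.register("subscriber-1", ki)
    good = MobileStation("subscriber-1", ki)
    wrong_ki = MobileStation("subscriber-1", secrets.token_bytes(16))
    ok_good, kc_good = msc_authenticate(auc, good)
    ok_wrong, _ = msc_authenticate(auc, wrong_ki)
    return ok_good and kc_good == good.kc, ok_wrong
```

After a successful run both the MSC and the MS hold the same Kc although Kc itself was never transmitted between them, only RAND and SRES.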
The SIM is typically implemented as a removable card that can be moved from phone to phone when a user changes phones. The SIM card can include storage for data that is personal to the user, including for example, a dialing directory, call logs, and text or voice messages.
SIM functions have been integrated into computer-based devices, for example, for use for secure commercial transactions. For example, a commerce server may authenticate a credit card in an exchange that is similar to that used in a GSM network.
SIM functions have also been used for access control for wireless networks, in which an authentication server for the wireless network, for example, a server that interacts with the wireless devices using the RADIUS protocol, communicates with the HLR/AuC function of a wireless telephone network to receive a (RAND, SRES, Kc) triplet that the authentication server uses to determine whether to provide network access to the wireless device. In some such approaches, the EAP-SIM (Extensible Authentication Protocol for SIM) and 802.1x protocols are used between the wireless device and the authentication server. The SIM function in such approaches can be integrated into a USB or PCMCIA card for insertion into a computer that seeks to be authenticated to access a wireless network.